Retired Senior (now termed Chief) District Judge Richard Magnus to chair the COI

The cybersecurity attack on SingHealth’s IT system, resulting in the exfiltration of 1.5 million patients’ non-medical personal data and 160,000 patients’ dispensed medicines data, is the most serious breach of personal data that Singapore has experienced.

2 The Cyber Security Agency (CSA)’s investigations have established that the attack was deliberate, targeted and carefully planned. It was not the work of casual hackers or criminal gangs. Prime Minister Lee Hsien Loong’s personal particulars and outpatient medication data were specifically and repeatedly targeted.

Committee of Inquiry

3 This incident has serious public health and safety implications. Therefore, the Minister-in-Charge of Cybersecurity, Mr S Iswaran, will convene a Committee of Inquiry (COI) under Section 9 of the Inquiries Act (Cap 139A). Mr Richard Magnus, a retired Senior (now termed Chief) District Judge and member of the Public Service Commission, has agreed to chair the COI.

4 The COI will establish the events and contributory factors leading to the cybersecurity attack, and the incident response. It will also recommend measures to better manage and secure SingHealth’s and other public sector IT systems against similar cybersecurity attacks in future.

5 The COI’s composition and Terms of Reference will be announced at a later date.

Government to Take Immediate Actions to Strengthen IT Systems

6 Meanwhile, the Government will take immediate action to strengthen our IT systems against similar cybersecurity attacks. The Minister-in-Charge of Cybersecurity has directed CSA to work closely with all 11 key sectors1 to enhance the cybersecurity of their Critical Information Infrastructure systems.

7 The Smart Nation and Digital Government Group (SNDGG) has completed a scan of all government systems and found no evidence of compromise. SNDGG will pause the introduction of new ICT systems while it reviews the cybersecurity measures of government systems, and implements any additional security safeguards which are necessary.

Ensuring Cybersecurity in the Digital Age

8 While we will do our utmost to secure our IT systems from attack, unfortunately we cannot completely eliminate the risk of another cybersecurity attack. Every country is under threat, and the attackers are constantly developing new techniques and probing for fresh weaknesses in IT systems. However, we must not allow this incident, or any others like it, to derail our plans for a Smart Nation. We must adapt ourselves to operate effectively and securely in the digital age, to deliver better public services, enhance our economic competitiveness, and create good jobs and opportunities for Singaporeans.

9 The Government takes with utmost seriousness its responsibility of ensuring the security of public sector IT systems and databases. We will learn from the experience of this deliberate and sophisticated cybersecurity attack, and implement measures to better secure our public sector IT systems and databases, and uphold public trust in our systems.


--------------------------------------------------------------------------------------------------------------------------
[1]Energy, Water, Banking and Finance, Healthcare, Transport (which includes Land, Maritime, and Aviation), Infocomm, Media, Security and Emergency Services, and Government.

Speech by Mrs Josephine Teo, Minister for Communications and Information at CyFy 2021 on 19 Oct 2021 Speeches Infocomm Media 19 Oct 21
Opening Keynote Address by Mrs Josephine Teo, Minister for Communications and Information, at Global System for Mobile Communications Association (GSMA) Mobile 360 Asia Pacific Conference on 19 Oct 2021 Speeches Infocomm Media 19 Oct 21
Four New MOUs Signed at the 2nd Singapore–China (Shenzhen) Smart City Initiative Joint Implementation Committee Meeting To Accelerate Digital Economy Collaborations Press Releases Infocomm Media, Digital Readiness 18 Oct 21
Opening Remarks by Ms Yong Ying-I, Permanent Secretary for Ministry of Communications and Information, at the 2nd Singapore-China (Shenzhen) Smart City Initiative (SCI) Joint Implementation Committee Meeting on 18 OCT 2021 Speeches Infocomm Media, Digital Readiness 18 Oct 21
Opening Remarks by Mrs Josephine Teo, Minister for Communications and Information, at SCS Tech3 Forum on 15 Oct 2021 Speeches Infocomm Media 15 Oct 21
Closing Remarks by Ms Rahayu Mahzam, Parliamentary Secretary, Ministry of Communications and Information, at the DBS Judiciary MCI Hackathon for a Better World 2021 Judging Day on 7 October 2021 Speeches Others 07 Oct 21